Off-Canvas Sidebars & Menus (Slidebars) Security & Risk Analysis
wordpress.org/plugins/off-canvas-sidebarsAdd off-canvas sidebars (Slidebars) containing widgets, menus or other content using the Slidebars jQuery plugin.
Is Off-Canvas Sidebars & Menus (Slidebars) Safe to Use in 2026?
Generally Safe
Score 96/100Off-Canvas Sidebars & Menus (Slidebars) has a strong security track record. Known vulnerabilities have been patched promptly.
The 'off-canvas-sidebars' plugin v0.5.9 exhibits a mixed security posture. While the static analysis reveals no critical vulnerabilities in code signals like SQL injection, file operations, or external requests, and a reasonable number of nonce and capability checks, the output escaping is a significant concern, with only 21% of outputs being properly escaped. This indicates a high risk of Cross-Site Scripting (XSS) vulnerabilities, especially given the plugin's history which includes four medium severity CVEs, two of which were XSS and CSRF related. The fact that all past vulnerabilities are currently patched is positive, but the recurring nature of XSS and CSRF suggests a persistent weakness in handling user-supplied data or form submissions. The presence of a shortcode as an entry point without an explicit authentication check is a minor concern, though the overall attack surface is small.
Key Concerns
- Low percentage of properly escaped output
- Vulnerability history shows past XSS and CSRF
- Shortcode without explicit auth check
Off-Canvas Sidebars & Menus (Slidebars) Security Vulnerabilities
CVEs by Year
Severity Breakdown
4 total CVEs
Off-Canvas Sidebars & Menus (Slidebars) <= 0.5.8.5 - Cross-Site Request Forgery
Off-Canvas Sidebars & Menus (Slidebars) <= 0.5.8.4 - Reflected Cross-Site Scripting
Off-Canvas Sidebars & Menus (Slidebars) <= 0.5.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Off-Canvas Sidebars & Menus (Slidebars) <= 0.5.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Off-Canvas Sidebars & Menus (Slidebars) Code Analysis
Bundled Libraries
Output Escaping
Off-Canvas Sidebars & Menus (Slidebars) Attack Surface
Shortcodes 1
WordPress Hooks 45
Maintenance & Trust
Off-Canvas Sidebars & Menus (Slidebars) Maintenance & Trust
Maintenance Signals
Community Trust
Off-Canvas Sidebars & Menus (Slidebars) Alternatives
Widget Menuizer
widget-menuizer
Unlock the full potential of the WordPress menu system to create mega menus and more by adding sidebar regions and widgets to your menus.
WooSidebars
woosidebars
WooSidebars adds functionality to display different widgets in a sidebar, according to a context (for example, a specific page or a category).
Content Aware Sidebars – Fastest Widget Area Plugin
content-aware-sidebars
Display new sidebars on any post, page, category etc. Works with Classic Widgets, Block Widgets, and all themes!
Simple Page Sidebars
simple-page-sidebars
Easily assign custom, widget-enabled sidebars to any page.
Advanced Sidebar Menu
advanced-sidebar-menu
Fully automatic sidebar menus.
Off-Canvas Sidebars & Menus (Slidebars) Developer Profile
10 plugins · 112K total installs
How We Detect Off-Canvas Sidebars & Menus (Slidebars)
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/off-canvas-sidebars/js/source/slidebars.min.js/wp-content/plugins/off-canvas-sidebars/css/slidebars.min.css/wp-content/plugins/off-canvas-sidebars/css/source/slidebars.scss/wp-content/plugins/off-canvas-sidebars/js/source/off-canvas-sidebars.js/wp-content/plugins/off-canvas-sidebars/css/source/off-canvas-sidebars.scss/wp-content/plugins/off-canvas-sidebars/js/source/slidebars.min.js/wp-content/plugins/off-canvas-sidebars/js/source/off-canvas-sidebars.jsoff-canvas-sidebars/js/source/slidebars.min.js?ver=off-canvas-sidebars/css/slidebars.min.css?ver=off-canvas-sidebars/js/source/off-canvas-sidebars.js?ver=off-canvas-sidebars/css/source/off-canvas-sidebars.scss?ver=HTML / DOM Fingerprints
sb-site-wrappersb-canvas-wrapsb-canvassb-slidebarsb-rightsb-leftsb-closesb-toggle+4 more<!-- Off-Canvas Sidebars & Menus (Slidebars) --><!-- Main instance of Off-Canvas Sidebars. --><!-- Off-Canvas Sidebars plugin control trigger API. --><!-- HTML elements not supported as a control trigger. -->+3 moredata-ocs-sidebar-iddata-ocs-toggledata-slidebarsdata-sb-iddata-sb-site-wrapperdata-sb-closeSlidebarssb